Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
projectworlds vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-19109
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_edit.php, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
668
VMScore
CVE-2020-19110
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to book.php parameter, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
668
VMScore
CVE-2020-19111
Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which could let a remote mailicious user bypass authentication and obtain sensitive information.
Projectworlds Online Book Store Project In Php 1.0
668
VMScore
CVE-2020-19112
SQL Injection vulnerability in Online Book Store v1.0 via the bookisbn parameter to admin_delete.php, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
668
VMScore
CVE-2020-19113
Arbitrary File Upload vulnerability in Online Book Store v1.0 in admin_add.php, which may lead to remote code execution.
Projectworlds Online Book Store Project In Php 1.0
668
VMScore
CVE-2020-19114
SQL Injection vulnerability in Online Book Store v1.0 via the publisher parameter to edit_book.php, which could let a remote malicious user execute arbitrary code.
Projectworlds Online Book Store Project In Php 1.0
578
VMScore
CVE-2020-27397
Marital - Online Matrimonial Project In PHP version 1.0 suffers from an authenticated file upload vulnerability allowing remote malicious users to gain remote code execution (RCE) on the Hosting web server via uploading a maliciously crafted PHP file.
Projectworlds Online Matrimonial Project 1.0
383
VMScore
CVE-2020-23832
A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote malicious users to harvest an admin login session cookie and steal an admin session upon an admin login.
Car Rental Management System Project Car Rental Management System 1.0
578
VMScore
CVE-2020-25760
Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database.
Projectworlds Visitor Management System In Php 1.0
383
VMScore
CVE-2020-25761
Projectworlds Visitor Management System in PHP 1.0 allows XSS. The file myform.php does not perform input validation on the request parameters. An attacker can inject javascript payloads in the parameters to perform various attacks such as stealing of cookies,sensitive informatio...
Projectworlds Visitor Management System In Php 1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »